Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911503D/CF01B2CCEB3E11ED8A96DB5EC4F9AE02/F2439C1AEB4211EDB83DE270C4F9AE02.roa
File: F2439C1AEB4211EDB83DE270C4F9AE02.roa (raw, json)
Hash identifier: pTLezp3872oFUP10UFCAjfrKkGbGedCDyE1r8Pl4UAw=
Subject key identifier: D7:F5:90:2F:88:34:DA:5F:32:6F:20:85:60:3C:7F:E3:B0:D1:78:CE
Certificate issuer: /CN=A911503D/serialNumber=0A13C6E2BA544999738520F9EB335836C460C8C8
Certificate serial: 8F
Authority key identifier: 0A:13:C6:E2:BA:54:49:99:73:85:20:F9:EB:33:58:36:C4:60:C8:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ChPG4rpUSZlzhSD56zNYNsRgyMg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911503D/CF01B2CCEB3E11ED8A96DB5EC4F9AE02/F2439C1AEB4211EDB83DE270C4F9AE02.roa
Signing time: Wed 31 Jan 2024 06:46:31 +0000
ROA not before: Wed 31 Jan 2024 06:46:31 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 395743
IP address blocks: 103.110.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 15:37:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143 (0x8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911503D/serialNumber=0A13C6E2BA544999738520F9EB335836C460C8C8
Validity
Not Before: Jan 31 06:46:31 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65b9ecc7-df2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:dd:fa:7a:45:ad:a1:ad:5e:f4:9a:6a:32:b2:
8a:a0:fc:e8:11:d5:f1:35:0c:e3:33:ff:a3:ab:01:
53:52:89:d0:51:24:d5:66:b0:37:52:b3:27:71:cc:
15:fc:27:81:0c:84:69:6a:4b:a6:f9:df:ab:30:5a:
58:03:55:03:56:70:6d:a7:4a:9c:c7:0e:01:cc:14:
88:64:6e:8b:8f:08:7e:c8:2d:70:6a:73:bc:aa:bb:
de:b0:cf:b0:89:ac:3d:b3:e9:97:a9:9e:4f:38:c7:
82:48:ff:ab:e9:07:4b:63:68:e5:80:46:80:18:c1:
c4:87:a6:17:64:21:18:94:9a:8a:88:77:fd:ce:d4:
d0:f7:45:bd:2f:e5:88:be:59:1d:30:f9:ef:cc:9e:
b5:55:13:ee:d7:1f:ab:30:03:f6:1e:24:6d:e5:c9:
0c:d8:b1:88:ce:a1:c0:4d:be:4d:47:b6:88:5b:31:
4e:f7:b3:88:2f:23:ee:5e:1f:04:fa:9a:40:5b:12:
21:5e:d4:5b:c8:f5:6c:83:de:d2:94:4f:74:08:59:
32:78:12:63:c6:dd:b3:16:ee:fd:c5:ec:ea:55:aa:
65:4d:8e:dd:64:45:ae:88:83:94:fb:94:aa:12:d4:
ca:e1:de:70:6e:ed:e4:6d:5b:c4:f0:8e:1f:a6:0b:
38:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F5:90:2F:88:34:DA:5F:32:6F:20:85:60:3C:7F:E3:B0:D1:78:CE
X509v3 Authority Key Identifier:
keyid:0A:13:C6:E2:BA:54:49:99:73:85:20:F9:EB:33:58:36:C4:60:C8:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911503D/CF01B2CCEB3E11ED8A96DB5EC4F9AE02/ChPG4rpUSZlzhSD56zNYNsRgyMg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ChPG4rpUSZlzhSD56zNYNsRgyMg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911503D/CF01B2CCEB3E11ED8A96DB5EC4F9AE02/F2439C1AEB4211EDB83DE270C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.110.131.0/24
Signature Algorithm: sha256WithRSAEncryption
84:25:15:d1:a5:fb:95:b0:d1:b2:ce:e2:df:8d:bc:8d:88:71:
2d:f7:48:9e:6a:ff:f2:3d:4e:1b:ba:05:72:77:ed:86:2e:ef:
57:7a:04:a4:ef:a4:da:22:66:fa:e8:f9:4f:53:ba:93:ca:d2:
67:5a:6d:24:e4:1c:b1:1d:a7:2d:54:ed:25:6a:5e:87:44:69:
ab:bd:73:15:52:56:4f:59:ff:d1:db:4a:51:45:de:04:64:c2:
99:7c:ee:4d:ad:bc:17:0f:27:8e:d8:35:6a:21:0d:12:9f:42:
2b:c9:6d:33:ec:47:96:c4:c0:9a:8a:00:1d:6e:cb:bf:0a:fb:
ff:43:98:82:e3:79:1c:c5:85:d9:76:82:ab:4b:ad:c4:1f:13:
d2:44:e2:7f:1b:49:ff:6e:a7:ff:5e:31:c8:fb:88:0e:d7:b8:
bf:c2:58:75:ac:28:75:73:d0:cd:b5:ff:5f:8c:cc:a6:f6:8d:
f7:67:f4:08:c6:b8:7b:2b:ff:c7:e0:5c:c4:61:de:28:f7:df:
d5:98:10:58:9b:23:5c:a7:80:cd:a3:41:38:4c:cb:22:32:e0:
5a:fa:59:51:32:e2:17:83:65:ee:0d:c1:b4:ac:60:a1:68:45:
99:21:c8:46:77:2d:56:be:a0:d7:15:31:a0:1e:f2:1a:29:3b:
f9:b7:b4:a7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAI8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTUwM0QxMTAvBgNVBAUTKDBBMTNDNkUyQkE1NDQ5OTk3Mzg1MjBGOUVCMzM1ODM2
QzQ2MEM4QzgwHhcNMjQwMTMxMDY0NjMxWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5ZWNjNy1kZjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArN36ekWtoa1e9JpqMrKKoPzoEdXxNQzjM/+jqwFTUonQUSTVZrA3UrMnccwV
/CeBDIRpakum+d+rMFpYA1UDVnBtp0qcxw4BzBSIZG6Ljwh+yC1wanO8qrvesM+w
iaw9s+mXqZ5POMeCSP+r6QdLY2jlgEaAGMHEh6YXZCEYlJqKiHf9ztTQ90W9L+WI
vlkdMPnvzJ61VRPu1x+rMAP2HiRt5ckM2LGIzqHATb5NR7aIWzFO97OILyPuXh8E
+ppAWxIhXtRbyPVsg97SlE90CFkyeBJjxt2zFu79xezqVaplTY7dZEWuiIOU+5Sq
EtTK4d5wbu3kbVvE8I4fpgs4mwIDAQABo4IClTCCApEwHQYDVR0OBBYEFNf1kC+I
NNpfMm8ghWA8f+Ow0XjOMB8GA1UdIwQYMBaAFAoTxuK6VEmZc4Ug+eszWDbEYMjI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNTAzRC9DRjAxQjJDQ0VC
M0UxMUVEOEE5NkRCNUVDNEY5QUUwMi9DaFBHNHJwVVNabHpoU0Q1NnpOWU5zUmd5
TWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NoUEc0cnBVU1psemhTRDU2ek5ZTnNSZ3lNZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTUwM0QvQ0YwMUIyQ0NFQjNFMTFFRDhBOTZEQjVFQzRGOUFFMDIvRjI0MzlDMUFF
QjQyMTFFREI4M0RFMjcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnboMwDQYJKoZIhvcNAQELBQADggEBAIQlFdGl+5Ww0bLO
4t+NvI2IcS33SJ5q//I9Thu6BXJ37YYu71d6BKTvpNoiZvro+U9TupPK0mdabSTk
HLEdpy1U7SVqXodEaau9cxVSVk9Z/9HbSlFF3gRkwpl87k2tvBcPJ47YNWohDRKf
QivJbTPsR5bEwJqKAB1uy78K+/9DmILjeRzFhdl2gqtLrcQfE9JE4n8bSf9up/9e
Mcj7iA7XuL/CWHWsKHVz0M21/1+MzKb2jfdn9AjGuHsr/8fgXMRh3ij339WYEFib
I1yngM2jQThMyyIy4Fr6WVEy4heDZe4NwbSsYKFoRZkhyEZ3LVa+oNcVMaAe8hop
O/m3tKc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:55 2024 by rpki-client on console-fra.rpki-client.org